0e63a5fc0fbb6f1c5e7005ace1a23d2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e63a5fc0fbb6f1c5e7005ace1a23d2a_JaffaCakes118
Size

88KB
MD5

0e63a5fc0fbb6f1c5e7005ace1a23d2a
SHA1

28de18ed56609a7dc50e2e7d5522787dab12efc2
SHA256

0e3e5aab8a0db91329a2a026618d041606a5aae390f73cef439dce27ed43f97b
SHA512

2c10c27442a26091323def7e435fe8d2aa8b113a8b94e692eff0fb44ad116a30f5c475461fa345666a9dca4a27d354444099251bcff4ceae2799cbbfc4d36739
SSDEEP

1536:T/bMZFfQ+u0eaUg5ttBKm/DgNFMhNw52TIjtvccNJKgaXycjO:T/4g+uQjv9DgNuI2EvccW5S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e63a5fc0fbb6f1c5e7005ace1a23d2a_JaffaCakes118

Files

0e63a5fc0fbb6f1c5e7005ace1a23d2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07a050535d0a0c77ef5b71cfa1c5dbe5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvcrt

_controlfp

wsock32

shutdown

user32

TrackPopupMenuEx

gdi32

SetBkColor

advapi32

LookupPrivilegeValueA

shell32

Shell_NotifyIconA

urlmon

URLDownloadToCacheFileA

version

GetFileVersionInfoSizeA

wininet

InternetGetConnectedState

ole32

CoInitialize

oleaut32

SysAllocString

Sections

pec1
Size: 58KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE